I want to use file_get_contents to implement a proxy so I can do ajax cross domain requests.
Querystring will be used to supply the URL to file_get_contents. Now the problem is people can muck around with the querystring in order to read local files on the server. I dont want this. Can someone get me a function to sinitize the querystring in order to accept only urls and not local files: ie:
?url=http://google.com.au - OK
?url=./passwords.txt - Not OK